News <\/p>\n
By Lucian Constantin <\/p>\n
June 16, 2014 03:46 PM ET <\/p>\n
IDG News Service - A hacker exploited publicly known vulnerabilities to install malware on network-attached storage systems manufactured by Synology and used their computing power to generate Dogecoins, a type of cryptocurrency. <\/p>\n
The operation took place during the first months of the year and is likely the most profitable of its kind to date, earning the attacker over US$600,000 according to a recent analysis by researchers from Dell SecureWorks. <\/p>\n
Using CPUs and GPUs to solve cryptographic problems as part of cryptocurrency systems is an activity referred to as mining. Those who perform it -- typically using their own systems -- are automatically rewarded by the system with units or subunits of that respective currency. <\/p>\n
At the beginning of February reports started appearing online from users complaining about sluggish performance and high CPU usage on their Synology NAS systems, which have a Linux-based operating system called DiskStation Manager (DSM) developed by the Taiwan-based manufacturer. <\/p>\n
The problems were tracked to an unauthorized application running on affected systems from a directory called PWNED that turned out to be a custom version of a cryptocurrency mining program called CPUMiner specifically compiled for Synology's DSM OS, the Dell SecureWorks researchers said Friday in a blog post. <\/p>\n
An analysis of the rogue program showed that it had been configured to mine Dogecoin, a peer-to-peer cryptocurrency similar to Bitcoin that was launched in December 2013. <\/p>\n
The Dell SecureWorks researchers identified two electronic wallet addresses associated with the rogue mining activity and determined that their owner had mined over 500 million Dogecoins, worth about $620,000, mostly during January and February. <\/p>\n
<\/p>\n